{"id":"USN-6895-1","summary":"linux, linux-gcp, linux-nvidia-6.5, linux-raspi vulnerabilities","details":"\nIt was discovered that the ATA over Ethernet (AoE) driver in the Linux\nkernel contained a race condition, leading to a use-after-free\nvulnerability. An attacker could use this to cause a denial of service or\npossibly execute arbitrary code. (CVE-2023-6270)\n\nIt was discovered that the HugeTLB file system component of the Linux\nKernel contained a NULL pointer dereference vulnerability. A privileged\nattacker could possibly use this to to cause a denial of service.\n(CVE-2024-0841)\n\nIt was discovered that the Open vSwitch implementation in the Linux kernel\ncould overflow its stack during recursive action operations under certain\nconditions. A local attacker could use this to cause a denial of service\n(system crash). (CVE-2024-1151)\n\nGui-Dong Han discovered that the software RAID driver in the Linux kernel\ncontained a race condition, leading to an integer overflow vulnerability. A\nprivileged attacker could possibly use this to cause a denial of service\n(system crash). (CVE-2024-23307)\n\nBai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in\nthe Linux kernel contained a race condition, leading to an integer overflow\nvulnerability. An attacker could possibly use this to cause a denial of\nservice (system crash). (CVE-2024-24861)\n\nSeveral security issues were discovered in the Linux kernel.\nAn attacker could possibly use these to compromise the system.\nThis update corrects flaws in the following subsystems:\n  - ARM64 architecture;\n  - PowerPC architecture;\n  - x86 architecture;\n  - Cryptographic API;\n  - Android drivers;\n  - Block layer subsystem;\n  - Bluetooth drivers;\n  - DMA engine subsystem;\n  - GPU drivers;\n  - HID subsystem;\n  - Hardware monitoring drivers;\n  - I2C subsystem;\n  - IIO ADC drivers;\n  - IIO subsystem;\n  - IIO Magnetometer sensors drivers;\n  - InfiniBand drivers;\n  - On-Chip Interconnect management framework;\n  - Multiple devices driver;\n  - Media drivers;\n  - Network drivers;\n  - PHY drivers;\n  - MediaTek PM domains;\n  - SCSI drivers;\n  - TTY drivers;\n  - USB subsystem;\n  - DesignWare USB3 driver;\n  - Framebuffer layer;\n  - AFS file system;\n  - BTRFS file system;\n  - Ceph distributed file system;\n  - Ext4 file system;\n  - File systems infrastructure;\n  - NILFS2 file system;\n  - NTFS3 file system;\n  - SMB network file system;\n  - Core kernel;\n  - Memory management;\n  - Bluetooth subsystem;\n  - CAN network layer;\n  - Devlink API;\n  - Handshake API;\n  - HSR network protocol;\n  - IPv4 networking;\n  - IPv6 networking;\n  - MAC80211 subsystem;\n  - Multipath TCP;\n  - Netfilter;\n  - NFC subsystem;\n  - RxRPC session sockets;\n  - TIPC protocol;\n  - Unix domain sockets;\n  - Realtek audio codecs;\n(CVE-2024-26822, CVE-2024-26917, CVE-2024-26723, CVE-2024-26715,\nCVE-2024-26718, CVE-2024-26664, CVE-2024-26707, CVE-2024-26697,\nCVE-2024-26720, CVE-2024-26660, CVE-2024-26677, CVE-2024-26736,\nCVE-2024-26719, CVE-2024-26642, CVE-2024-26700, CVE-2024-26666,\nCVE-2024-26684, CVE-2024-26803, CVE-2024-26698, CVE-2024-26711,\nCVE-2024-26922, CVE-2024-26828, CVE-2024-26910, CVE-2024-26829,\nCVE-2024-26685, CVE-2024-26920, CVE-2024-26696, CVE-2024-26826,\nCVE-2023-52642, CVE-2024-26703, CVE-2024-26708, CVE-2024-26838,\nCVE-2024-26716, CVE-2023-52631, CVE-2024-26782, CVE-2024-26593,\nCVE-2024-26659, CVE-2024-26825, CVE-2024-26824, CVE-2024-26712,\nCVE-2024-26674, CVE-2024-26722, CVE-2023-52643, CVE-2024-26714,\nCVE-2024-26691, CVE-2024-27416, CVE-2024-26830, CVE-2023-52880,\nCVE-2024-26702, CVE-2023-52645, CVE-2024-26820, CVE-2024-26662,\nCVE-2024-26689, CVE-2024-26676, CVE-2024-26923, CVE-2024-26603,\nCVE-2024-26818, CVE-2023-52638, CVE-2024-26733, CVE-2024-26601,\nCVE-2024-26790, CVE-2024-26661, CVE-2024-26600, CVE-2024-26680,\nCVE-2024-26748, CVE-2024-26792, CVE-2024-26889, CVE-2024-26681,\nCVE-2024-26688, CVE-2024-26665, CVE-2024-26602, CVE-2024-26734,\nCVE-2024-35833, CVE-2024-26919, CVE-2024-26916, CVE-2024-26667,\nCVE-2024-26606, CVE-2024-26693, CVE-2024-26717, CVE-2023-52637,\nCVE-2024-26831, CVE-2024-26663, CVE-2024-26694, CVE-2024-26802,\nCVE-2024-26710, CVE-2024-26789, CVE-2024-26679, CVE-2024-26675,\nCVE-2024-26798, CVE-2024-26695, CVE-2024-26726, CVE-2024-26926,\nCVE-2024-26735, CVE-2024-26898, CVE-2024-26890)\n","modified":"2026-05-23T01:48:24.902831140Z","published":"2024-07-12T10:02:16Z","related":["UBUNTU-CVE-2023-52631","UBUNTU-CVE-2023-52637","UBUNTU-CVE-2023-52638","UBUNTU-CVE-2023-52642","UBUNTU-CVE-2023-52643","UBUNTU-CVE-2023-52645","UBUNTU-CVE-2023-52880","UBUNTU-CVE-2023-6270","UBUNTU-CVE-2024-0841","UBUNTU-CVE-2024-1151","UBUNTU-CVE-2024-23307","UBUNTU-CVE-2024-24861","UBUNTU-CVE-2024-26593","UBUNTU-CVE-2024-26600","UBUNTU-CVE-2024-26601","UBUNTU-CVE-2024-26602","UBUNTU-CVE-2024-26603","UBUNTU-CVE-2024-26606","UBUNTU-CVE-2024-26642","UBUNTU-CVE-2024-26659","UBUNTU-CVE-2024-26660","UBUNTU-CVE-2024-26661","UBUNTU-CVE-2024-26662","UBUNTU-CVE-2024-26663","UBUNTU-CVE-2024-26664","UBUNTU-CVE-2024-26665","UBUNTU-CVE-2024-26666","UBUNTU-CVE-2024-26667","UBUNTU-CVE-2024-26674","UBUNTU-CVE-2024-26675","UBUNTU-CVE-2024-26676","UBUNTU-CVE-2024-26677","UBUNTU-CVE-2024-26679","UBUNTU-CVE-2024-26680","UBUNTU-CVE-2024-26681","UBUNTU-CVE-2024-26684","UBUNTU-CVE-2024-26685","UBUNTU-CVE-2024-26688","UBUNTU-CVE-2024-26689","UBUNTU-CVE-2024-26691","UBUNTU-CVE-2024-26693","UBUNTU-CVE-2024-26694","UBUNTU-CVE-2024-26695","UBUNTU-CVE-2024-26696","UBUNTU-CVE-2024-26697","UBUNTU-CVE-2024-26698","UBUNTU-CVE-2024-26700","UBUNTU-CVE-2024-26702","UBUNTU-CVE-2024-26703","UBUNTU-CVE-2024-26707","UBUNTU-CVE-2024-26708","UBUNTU-CVE-2024-26710","UBUNTU-CVE-2024-26711","UBUNTU-CVE-2024-26712","UBUNTU-CVE-2024-26714","UBUNTU-CVE-2024-26715","UBUNTU-CVE-2024-26716","UBUNTU-CVE-2024-26717","UBUNTU-CVE-2024-26718","UBUNTU-CVE-2024-26719","UBUNTU-CVE-2024-26720","UBUNTU-CVE-2024-26722","UBUNTU-CVE-2024-26723","UBUNTU-CVE-2024-26726","UBUNTU-CVE-2024-26733","UBUNTU-CVE-2024-26734","UBUNTU-CVE-2024-26735","UBUNTU-CVE-2024-26736","UBUNTU-CVE-2024-26748","UBUNTU-CVE-2024-26782","UBUNTU-CVE-2024-26789","UBUNTU-CVE-2024-26790","UBUNTU-CVE-2024-26792","UBUNTU-CVE-2024-26798","UBUNTU-CVE-2024-26802","UBUNTU-CVE-2024-26803","UBUNTU-CVE-2024-26818","UBUNTU-CVE-2024-26820","UBUNTU-CVE-2024-26822","UBUNTU-CVE-2024-26824","UBUNTU-CVE-2024-26825","UBUNTU-CVE-2024-26826","UBUNTU-CVE-2024-26828","UBUNTU-CVE-2024-26829","UBUNTU-CVE-2024-26830","UBUNTU-CVE-2024-26831","UBUNTU-CVE-2024-26838","UBUNTU-CVE-2024-26889","UBUNTU-CVE-2024-26890","UBUNTU-CVE-2024-26898","UBUNTU-CVE-2024-26910","UBUNTU-CVE-2024-26916","UBUNTU-CVE-2024-26917","UBUNTU-CVE-2024-26919","UBUNTU-CVE-2024-26920","UBUNTU-CVE-2024-26922","UBUNTU-CVE-2024-26923","UBUNTU-CVE-2024-26926","UBUNTU-CVE-2024-27416","UBUNTU-CVE-2024-35833"],"upstream":["CVE-2024-26666","CVE-2024-26667","CVE-2024-26674","CVE-2024-26693","CVE-2024-26694","CVE-2024-26703","CVE-2024-26708","CVE-2024-26710","CVE-2024-26711","CVE-2024-26716","CVE-2024-26720","CVE-2024-26722","CVE-2024-26723","CVE-2024-26734","CVE-2024-26789","CVE-2024-26792","CVE-2024-26818","CVE-2024-26820","CVE-2024-26824","CVE-2024-26831","CVE-2024-26889","CVE-2024-26890","CVE-2024-26910","CVE-2024-26916","CVE-2024-26917","CVE-2024-26919","CVE-2024-27416","UBUNTU-CVE-2024-26666","UBUNTU-CVE-2024-26667","UBUNTU-CVE-2024-26674","UBUNTU-CVE-2024-26693","UBUNTU-CVE-2024-26694","UBUNTU-CVE-2024-26703","UBUNTU-CVE-2024-26708","UBUNTU-CVE-2024-26710","UBUNTU-CVE-2024-26711","UBUNTU-CVE-2024-26716","UBUNTU-CVE-2024-26720","UBUNTU-CVE-2024-26722","UBUNTU-CVE-2024-26723","UBUNTU-CVE-2024-26734","UBUNTU-CVE-2024-26789","UBUNTU-CVE-2024-26792","UBUNTU-CVE-2024-26818","UBUNTU-CVE-2024-26820","UBUNTU-CVE-2024-26824","UBUNTU-CVE-2024-26831","UBUNTU-CVE-2024-26889","UBUNTU-CVE-2024-26890","UBUNTU-CVE-2024-26910","UBUNTU-CVE-2024-26916","UBUNTU-CVE-2024-26917","UBUNTU-CVE-2024-26919","UBUNTU-CVE-2024-27416"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6895-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26666"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26667"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26674"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26693"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26694"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26703"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26708"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26710"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26711"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26716"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26720"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26722"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26723"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26734"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26789"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26792"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26818"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26820"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26824"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26831"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26889"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26890"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26910"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26916"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26917"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-26919"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-27416"}],"affected":[{"package":{"name":"linux-nvidia-6.5","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-nvidia-6.5?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.5.0-1023.24"}]}],"versions":["6.5.0-1004.4","6.5.0-1007.7","6.5.0-1013.13","6.5.0-1014.14","6.5.0-1015.15","6.5.0-1018.18","6.5.0-1019.19","6.5.0-1021.22","6.5.0-1022.23"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-buildinfo-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-headers-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-headers-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-image-unsigned-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-image-unsigned-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-modules-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-modules-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-modules-extra-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-modules-nvidia-fs-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-modules-nvidia-fs-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-nvidia-6.5-headers-6.5.0-1023","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-nvidia-6.5-tools-6.5.0-1023","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-nvidia-6.5-tools-host","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-tools-6.5.0-1023-nvidia","binary_version":"6.5.0-1023.24"},{"binary_name":"linux-tools-6.5.0-1023-nvidia-64k","binary_version":"6.5.0-1023.24"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26666"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26667"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26674"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26693"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26694"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26703"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26708"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26710"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26711"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26716"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26720"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26722"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26723"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26734"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26789"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26792"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2024-26818"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2024-26820"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26824"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26831"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26889"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26890"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2024-26910"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26916"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-26917"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2024-26919"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2024-27416"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6895-1.json"}}],"schema_version":"1.7.5"}